private static final String STR_INT_STUB_CLS_CFG = "INTERFACE_STUB_CLASS";
private static final String STR_FILE_TRF_CFG = "ADDITIONAL_ZIP_FILE";
private static final String STR_LANGUAGE = "LANGUAGE";
+ private static final String STR_ADD_MAC_POL = "ADDITIONAL_MAC_POLICY";
private static final String STR_YES = "Yes";
private static final String STR_NO = "No";
private static final String STR_JAVA = "Java";
processJailConfig.configureProcessJailDeviceDriverPolicies(strIoTSlaveObjectHostAdd, strObjName, strObjClassName,
strFileName, strIoTMasterHostAdd, commHan.getComPort(strObjName), commHan.getRMIRegPort(strObjName),
commHan.getRMIStubPort(strObjName));
+ // Check for additional MAC policy
+ String strMACConfigPath = STR_IOT_CODE_PATH + strObjClassName + "/";
+ String strCfgFile = strMACConfigPath + strObjClassName + STR_CFG_FILE_EXT;
+ String strAddMACPolicy = parseConfigFile(strCfgFile, STR_ADD_MAC_POL);
+ if (strAddMACPolicy != null && strAddMACPolicy.equals("Yes"))
+ processJailConfig.combineAdditionalMACPolicy(strMACConfigPath, strObjClassName, strIoTSlaveObjectHostAdd);
processJailConfig.configureProcessJailContRMIPolicies(strObjControllerName, strIoTSlaveObjectHostAdd,
commHan.getRMIRegPort(strObjName), commHan.getRMIStubPort(strObjName));
}
strIoTMasterHostAdd = routerConfig.getIPFromMACAddress(STR_MASTER_MAC_ADD);
// Assign a new list of PrintWriter objects
routerConfig.renewPrintWriter();
+ HashSet<String> setAddresses = null;
// Loop as we can still find controller/device classes
for(int i=0; i<strObjectNames.length; i++) {
// PROFILING
String strFileName = STR_MAC_POL_PATH + STR_JAVA + STR_MAC_POLICY_EXT;
processJailConfig.configureProcessJailControllerPolicies(strObjControllerName, strFileName,
strIoTMasterHostAdd, commHan.getComPort(strObjControllerName));
+ // Whether or not we need additional Tomoyo policy?
+ String strAddMACPolicy = parseConfigFile(strControllerCfg, STR_ADD_MAC_POL);
+ if (strAddMACPolicy != null && strAddMACPolicy.equals("Yes")) {
+ String strContMACCfg = STR_CONT_PATH + strObjControllerName + "/";
+ processJailConfig.combineAdditionalMACPolicy(strContMACCfg, strObjControllerName, strObjControllerName);
+ }
}
// PROFILING
result = System.currentTimeMillis()-start;
// Combine controller MAC policies with the main policy file for the host
String strTempFileName = "./" + strObjControllerName + STR_MAC_POLICY_EXT;
processJailConfig.combineControllerMACPolicies(strIoTSlaveControllerHostAdd, strObjControllerName, strTempFileName);
- processJailConfig.close();
+ processJailConfig.flush();
// PROFILING
result = System.currentTimeMillis()-start;
setRouterBasicPolicies(STR_ROUTER_ADD);
routerConfig.closeMain();
// Deploy the policy
- HashSet<String> setAddresses = new HashSet<String>(commHan.getHosts());
+ setAddresses = new HashSet<String>(commHan.getHosts());
setAddresses.add(strIoTMasterHostAdd);
createPolicyThreads(STR_ROUTER_ADD, setAddresses);
commHan.printLists();
commHan.clearCommunicationHandler();
lbIoT.printHostInfo();
- if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
- createMACPolicyThreads(setAddresses);
}
// Close access to policy files and deploy policies
routerConfig.close();
+ processJailConfig.close();
+ if (STR_ACTIVATE_SANDBOXING.equals("Yes"))
+ createMACPolicyThreads(setAddresses);
} catch (IOException |
InterruptedException |